Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft
File:                     r39NEPAZQ0EHs7XcU6yakZjFxH0.mft (raw, json)
Hash identifier:          KWX//K6PQ1Oc38tuEflyN+PUbtenqmeKQvBNQ8l0OzQ=
Subject key identifier:   4B:2B:26:F7:21:01:36:58:53:8B:E9:33:C6:C5:34:B5:99:0A:21:11
Authority key identifier: AF:7F:4D:10:F0:19:43:41:07:B3:B5:DC:53:AC:9A:91:98:C5:C4:7D
Certificate issuer:       /CN=af7f4d10f019434107b3b5dc53ac9a9198c5c47d
Certificate serial:       01974D0DC397FBDB96CFBCBC952CC3CA86F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r39NEPAZQ0EHs7XcU6yakZjFxH0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft
Manifest number:          0D6D
Signing time:             Sun 08 Jun 2025 01:00:37 +0000
Manifest this update:     Sun 08 Jun 2025 01:00:37 +0000
Manifest next update:     Mon 09 Jun 2025 01:00:37 +0000
Files and hashes:         1: r39NEPAZQ0EHs7XcU6yakZjFxH0.crl (hash: L4oSBuSNyw7bhZ5HoB7YX4BX8oVj9BVvemuqGP9R9NU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/r39NEPAZQ0EHs7XcU6yakZjFxH0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 20:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4d:0d:c3:97:fb:db:96:cf:bc:bc:95:2c:c3:ca:86:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af7f4d10f019434107b3b5dc53ac9a9198c5c47d
        Validity
            Not Before: Jun  8 01:00:37 2025 GMT
            Not After : Jun  9 01:00:37 2025 GMT
        Subject: CN=4b2b26f721013658538be933c6c534b5990a2111
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:4f:27:35:4d:a0:41:d6:80:c1:a4:a1:0a:bf:
                    3a:ac:4b:be:98:0d:0b:fa:fa:ed:2c:d1:20:38:4d:
                    a6:cd:bc:ec:d0:b6:d6:5a:e0:7a:1b:12:45:39:5e:
                    d2:20:48:52:8a:67:a3:32:50:33:50:23:5f:d4:a5:
                    bc:d8:fb:d7:40:b1:ff:9a:a9:8d:6b:47:c4:82:99:
                    26:fb:17:7e:22:33:02:c3:8b:c5:e3:7a:16:b0:3d:
                    d0:8d:d5:13:d5:d5:a5:c5:71:0e:fd:38:89:b4:b3:
                    b6:d6:42:61:1a:1a:14:a2:93:7f:02:5b:d6:d6:4e:
                    96:46:88:da:7a:a1:fc:c0:91:8f:43:f5:fb:a7:06:
                    4f:d6:d2:21:a5:07:5f:72:e6:2b:c4:57:a0:bd:b7:
                    fd:75:50:78:10:aa:5f:5a:09:50:ca:a6:9c:70:97:
                    d1:c7:ba:62:71:8d:90:44:f4:2e:fc:a1:da:a9:d2:
                    4c:d6:e2:cc:33:e7:2d:e7:d9:aa:db:21:51:f6:54:
                    13:e8:ea:2a:9c:76:23:b6:4b:09:bd:67:a0:3a:7f:
                    d3:2b:0a:98:cf:d2:78:20:49:a5:6b:67:db:37:a7:
                    48:f2:7b:28:80:68:e4:76:6c:86:76:ee:fd:db:3a:
                    15:40:bf:50:6c:c2:29:0f:a0:12:f8:13:fe:a4:2f:
                    96:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:2B:26:F7:21:01:36:58:53:8B:E9:33:C6:C5:34:B5:99:0A:21:11
            X509v3 Authority Key Identifier:
                keyid:AF:7F:4D:10:F0:19:43:41:07:B3:B5:DC:53:AC:9A:91:98:C5:C4:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r39NEPAZQ0EHs7XcU6yakZjFxH0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         49:6e:12:2a:27:85:1d:8a:ac:6f:c2:a2:66:cf:90:bd:41:2b:
         5f:bb:e7:be:69:da:42:05:b1:d4:c4:81:d6:ea:65:b1:ea:eb:
         75:37:c9:5a:f1:0c:3a:96:58:b0:00:ab:ae:56:40:9b:44:ed:
         6e:97:81:35:dc:0b:ca:29:84:1d:3e:f3:d1:96:1b:cb:64:d2:
         64:2c:ff:49:0f:df:66:c7:24:06:04:c6:af:f7:1d:5b:5e:25:
         4b:f1:22:fe:f8:f5:ef:87:45:d5:28:2e:44:bf:35:05:4f:0d:
         92:db:2b:2c:f1:bb:e5:f4:6a:85:31:2a:6d:e3:73:44:f3:18:
         62:63:55:23:f3:51:b0:92:63:3c:60:b8:a9:bf:2b:98:99:eb:
         a6:03:08:96:00:c1:6c:50:02:c2:33:8f:f2:7c:c7:b5:96:17:
         7e:97:ee:09:35:d6:d9:a4:78:1d:cf:6b:03:01:14:ff:f2:87:
         f6:e6:99:bf:96:8a:34:53:45:6f:27:44:1a:f7:8a:f5:87:69:
         2d:f6:e7:f1:33:3b:de:31:31:89:8d:02:d2:66:7c:fc:9b:f7:
         34:d4:1e:c7:7f:40:a6:01:6c:39:5a:61:29:5d:d3:f3:64:02:
         21:2d:a8:c1:8d:be:c0:58:4c:87:ac:b4:f2:90:08:0c:74:6c:
         13:56:8c:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdNDcOX+9uWz7y8lSzDyob4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmN2Y0ZDEwZjAxOTQzNDEwN2IzYjVkYzUzYWM5YTkxOThj
NWM0N2QwHhcNMjUwNjA4MDEwMDM3WhcNMjUwNjA5MDEwMDM3WjAzMTEwLwYDVQQD
Eyg0YjJiMjZmNzIxMDEzNjU4NTM4YmU5MzNjNmM1MzRiNTk5MGEyMTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArk8nNU2gQdaAwaShCr86rEu+mA0L
+vrtLNEgOE2mzbzs0LbWWuB6GxJFOV7SIEhSimejMlAzUCNf1KW82PvXQLH/mqmN
a0fEgpkm+xd+IjMCw4vF43oWsD3QjdUT1dWlxXEO/TiJtLO21kJhGhoUopN/AlvW
1k6WRojaeqH8wJGPQ/X7pwZP1tIhpQdfcuYrxFegvbf9dVB4EKpfWglQyqaccJfR
x7picY2QRPQu/KHaqdJM1uLMM+ct59mq2yFR9lQT6OoqnHYjtksJvWegOn/TKwqY
z9J4IEmla2fbN6dI8nsogGjkdmyGdu792zoVQL9QbMIpD6AS+BP+pC+WhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEsrJvchATZYU4vpM8bFNLWZCiERMB8GA1UdIwQY
MBaAFK9/TRDwGUNBB7O13FOsmpGYxcR9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjM5TkVQQVpRMEVIczdYY1U2eWFrWmpGeEgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9kMjc0OWQtZjc3My00NzFhLWFjYTMt
NjE4ZDk1ZmUzOTAxLzEvcjM5TkVQQVpRMEVIczdYY1U2eWFrWmpGeEgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9kMjc0OWQtZjc3My00NzFhLWFjYTMtNjE4ZDk1ZmUzOTAx
LzEvcjM5TkVQQVpRMEVIczdYY1U2eWFrWmpGeEgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASW4SKieF
HYqsb8KiZs+QvUErX7vnvmnaQgWx1MSB1uplserrdTfJWvEMOpZYsACrrlZAm0Tt
bpeBNdwLyimEHT7z0ZYby2TSZCz/SQ/fZsckBgTGr/cdW14lS/Ei/vj174dF1Sgu
RL81BU8NktsrLPG75fRqhTEqbeNzRPMYYmNVI/NRsJJjPGC4qb8rmJnrpgMIlgDB
bFACwjOP8nzHtZYXfpfuCTXW2aR4Hc9rAwEU//KH9uaZv5aKNFNFbydEGveK9Ydp
Lfbn8TM73jExiY0C0mZ8/Jv3NNQex39ApgFsOVphKV3T82QCIS2owY2+wFhMh6y0
8pAIDHRsE1aMEw==
-----END CERTIFICATE-----